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(g) A method for utilising medium nonuniformities to minimize unauthorized duplication of digital 
Information. 

@ The present invention is a method for pre- 
venting unauthorized copying and use of infor- 
mation which is stored on a storage medium 
and for restricting the use of such infomnation 
to designated devices. Copy protection is 
achieved by generating a signature from a given 
storage medium. The signature is derived from 
an arbitrarily selected list of nonunifonnities, 
unifonnities and their attributes. The selected 
list may contain nonuniformities at any granul- 
arity level. As such, this signature is unique to a 
given storage medium in the same way finger 
prints are unique to a human being. This signat- 
ure Is used to derive a key for encrypting the 
informatton on ttie storage nrtedium. Any copy- 
ing of the distritxjtion Information from one 
storage medium to another results in the muta- 
tion of tiie stgnature required to decrypt tiie 
information. Therefore, the present invention 
obviates the need for introducing artificial indi- 
ca or requiring a special hardware subsystem 
for achieving a copy protectfon scheme. 

Restricting the usage of infonnation on a 
d'lstributk^n medium to a designated device is 
achieved by verifying the device ID (DiD-D) of 
the device with the device ID (DID-S) stored in 
tiie dtstritxition medium before the decryption 
and transfer of infonnation are undertaken. De- 
cryptfon of the Infonnatton is accomplished by 
generating a key from both the signature of the 
distritnjtkin nrtedium and the DID-S. 
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Brief Descfiption of the Drawings 

is a model of information dissemination, 
illustrates sample nonuniformities on a storage medium, 
shows a selected list of nonuniformities on the storage medium as in FIG. 2. 
illustrates sample nonuniformities on another storage medium. 

shows the nonuniformities pattern from a bit by bit copying of the nonuniformities from the stor- 
age medium in FIG. 2 to that in FIG. 4. 

shows the steps an information provider prepares a distribution package in accordance to the 
10 preferred emt>odiment of the present invention. 

illustrates the flow diagram of the list generating program (LGP) used in the preferred embodi- 
ment of the present invention. 

illustrates the flow diagram of the signature generating program (SGP) used in the preferred em- 
bodinnent of the present invention. 
IS FIG. 7A illustrates the steps an information consumer accesses and uses the information from the dis- 
tribution package prepared in FIGS. 6A - 6C. 

illustrates the flow diagram of the signature verification program (SVP) used In the preferred enr>- 
bodiment of the present invention. 

20 Detailed Description of the Invention 

A method and apparatus for utilizing medium nonuniformities to prevent the unauthorized duplication and 
use of digital information is descrit>ed. In the following description, numerous specific details are set forth such 
as bit pattern and program steps, eta in order to provide a thorough understanding of the present invention. 
25 It will be obvious to one skilled in the art that the present invention may be practised without these specific 
details. In other instances, well-known steps such as those involved with encryption and decryption of data 
are not shown in order not to obscure the present invention. 
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Notation and Nomenclature 



The detailed description with respect to the copy protection scheme using medium signature is presented 
partially in terms of algorithm and symbolic representatton upon operation on data bits within the computer 
memory. These algorithmic descriptions and representations are the means used by those skilled in the art 
of data processing to most effectively convey the substance of their work to others skilled in the art 

35 An algorithm is here, and generally, conceived to be a self-consistent sequence of steps leading to a de- 

sired result These steps are those require physical manipulation of physical quantities. Usually, though not 
necessarily, these quantities take the form of electrical or magnetic signals capable of t>eing stored, transfer- 
red, combined, and othervnse manipulated. In this case, the physical quantities are voltage signals which cor- 
respond to the information t>eing distributed. It proves convenient at times, principally for reason of common 

40 usage, to refer to these signals as bits, values, elements, symbote, characters, terms, numbers or the like. It 
should be borne in mind, however, that all of these and similar terms are to be associated with the appropriate 
physical quantities and are merely convenient labels applied to these quantities. 

Further, the manipulations performed are often referred to in terms such as adding or comparing, which 
are comnrwnty associated with the mental operations performed by a human operator. No such capability of 

45 a human operator is necessary, or desirable. In most cases, in any of the operations described herein which 
form part of the present invention, the operations are machine operations. Useful machines for performing the 
operations of the present invention include general purpose digital computers or simflar devices such as digital 
signal processors. In all cases, it shoukt be borne in mind that there is a distinction between the method op- 
eration in operating a computer or other apparatus and the method of computation itself. The present invention 

50 relates to method steps for preventing unauthorized use of distributed infonmatton via medium signature to gen- 
erate other desired physical signals. 

The present invention also relates to an apparatus for performing these operations. This apparatus may 
be specially constructed for the required purpose or it may comprise a general purpose computer as selectively 
.activated or reconfigured by a computer program stored in the computer. The algorithms presented herein are 

55 not inherently related to any particular computer or other apparatus. In particular, various general purpose ma- 
chines may be used with programs written in accordance with the teachings herein, or it may prove more con- 
venient to construct specialized apparatus such as digital signal processor to perform the required method 
steps. The required structure for a variety of these machines would appear from the description given below. 
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niformities of the medium. Typically, an NDP reads a given location on a storage medium, tests whether there 
are any nonuniformities due to the manufacturing process. These nonu niformities manifest themselves in 
many ways. The NDP returns a value of a location as either "good' or "bad". In general, a "bad" location is 
one which cannot be used for storing a chosen bit of information. Some form of NDP are used in MS-DOS® 

5 Format Command and Norton Utilities®, MS-DOS is a registered trademark of Microsoft Corporation and Nor- 
ton Utilities is a registered trademark of Peter Norton. 

The output from the NDP in step 60 is provided as input to step 70 where a selected list is generated by 
a list generating program (LGP). FIG. 6B is a flow diagram of the LGP used in the preferred embodiment of 
the present invention. In step 65 an integer "k" is chosen based on the characteristics of the storage medium 

10 e.g.. type, capacity or otherwise. The LGP then examines the output from the NDP in step 66. Thereafter "k" 
elements from the nonuniformities are selected at random. At the same time. V elements of the uniform bits 
which are not on the nonuniformities list are also selected at random in step 67. The two chosen lists are per- 
muted randomly in step 69 before it is outputted as the selected list in step 71. The LGP also supplies the at- 
tributes of the locations chosen. 

15 Referring again to FIG. 6A. the selected list from LGP in step 70 is furnished as input to step 80 where a 

signature generating program (SGP) applies a pre-determined function to the selected list to derive a signature 
for the storage medium in question. FIG. 6C is a flow diagram of the SGP used in the preferred embodiment 
of the present invention. As mentioned in the preceding paragraph, the output from the LGP. the selected list, 
is supplied as input to the SGP in step 81. Here, the SGP fetches some pre-determined attributes of the ele- 

20 ments from the storage medium. Next, the SGP applies a pre-detennined function to the list with the attributes 
in step 83. Finally, in step 85 the result of the manipulation by the pre-detenmined function in step 83. i.e. the 
signature, is supplied as Input to step 90 in FIG. 6A. It should be understood by one skilled in the art that the 
function utilized by the SGP could be a mathematical or some other pre-determined manipulation. 

In FIG 6A. together with the signature of the storage medium, the present invention reads the storage me- 

25 diums identification (DID-S) in step 90 in order to generate a key for encrypting the Dl and/or SI in step 100. 
Here, the encryption key is generated by a encryption key generatfon program (EKGP). The details of EKGP 
depends on the particular encryption/deCTyption (EP/DP) scheme emptoyed. In general. EKGP applies a pre- 
determined f unctton or manipulatk»n to the medium signature to generate a string to the key specification of 
the EP/DP scheme used. EP and DP will be described further below. Next, the Dl is read in step 110 and en- 

30 crypted with the key generated in step 100 using a EP in step 120; The output of step 120 is the encrypted 
distributed informatton (EDI). The EP/DP can be any of the known methods of encryption and decryption. One 
such example is DES. See D.E.R. Denning, Cryptography and Data Secc/riiy. Addisfon- Wesley, Reading. MA. 
1 983. In step 130. the information provider decides whether to put the EDI and SI in one or more distribution 
medium. Furthermore, the information provWer decides whether to encrypt any of the SI. In step 140, the dis- 
ss tribution package is then send out to the information consumer. 

2. Access of information 

FIGS 7A-B illustrates the manner in which the informatton consumer accesses and uses the information 

40 contained in the distritnjtksn package prepared in the sect kin above. In FIG. 7 the information consumer reads 
in the file containing the selected list (SLF) from the dtetribution medium in step 150. The output from step 
1 50 is used as an input to step 160 where the SGP is employed to generate the signature for the storage me- 
dium. Next in step 170 the signature of the distributk)n medium is verified. In particular, when a storage me- 
dium is presented to a read/write peripheral, a program called signature verif kxition program (SVP) is invoked. 

45 The SVP checks whether the signature of the medium is identbal to the signature indk:ated in the distribution 
package. Referring to FIG. 7B, in step 171 the SVP reads the signature S,„from the distribution medium. The 
SVP then reiies on NDP, LDP and SGP to generate the signature Sg of the distributk>n medium in step 173. 
The outputs of step 171 and 173 are compared in step 175. If there is no match, then a conditton of incorrect 
signature is indicated in step 177. There are two possibilities for ttie incorrect signature: (1) a read/write per- 

50 ipheral fails to transfer the nonuniform&ies from the distribution medium to a copied medium, or (2) the storage 
medium is a copied or unauthorized medium. Both outcomes are detected by the SVP in step 175. It follows 
that an evade program is invoked in step 180 to halt the program altogether. 

Assuming that there is a match of the signatures in step 175, then the present invention reads the device 
ID (DID-R) from the infonmation consumer's device and from the designated storage device (DID-S) as shown 

55 in step 190 of FIG. 7A. Next, the ID of the designated device is authenticated in step 200 by the device veri- 
f icatfon program DVP. The DID-R from the informatton consumer's devtoe is compared with the stored DID-S 
for the designated device, ff there is no nnatch, an evade program is enabled as an unauthorized device is found 
in step 210. Otherwise, the positive matching of the device IDs in step 200 activates the decryption key gen- 
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10- The method as defined in claim 7. wherein said signature Is a function of a list of said nonuniformities, 
uniformities and their attritMJtes. 

11. The method as defined in daim 10. wherein said list may be a subset of aJI of said nonuniformities, uni- 
5 formities and their attributes. 

12. The method as defined in claim 11, wherein said subset may be arbitrarily selected. 
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Choose an Integer "k" based on the characteristic of 
the medium e.g. type, capacity. 



Examine the List 
output by NOP 



Pick "k" elements from this 
Nonunlformltfes Lfsl at random 



Pick "k- uniform bits, not in the 
nonunlformitles list, at random 



67 



Randomly permute this 
picked list of elements 




Figure SB 



11 




BNSOOCID: <EP 0644^4A1_I_> 



EP 0 644 474 A1 



Eoropeaa Patent 
OtRce 



EUROPEAN SEARCH REPORT 



EP 94 30 6679 



DOCUMENTS CONSIDERED TO BE RELEVANT 



Y 
A 



COMPUTER TECHNOLOGY REVIEW. 

no. 3. April 1984, LOS ANGELES US 

page 239 

W. BROTBY 'DISK FINGERPRINTING STOPS 
SOFTWARE PIRACY' 
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page 3531 
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* page 3531. line 7 - line 12 * 
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* page 5, line 7 - page 6, line 4 * 

* page 8, line 3 - page 15, line 7; figure 
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